Former Windows Vista hacker now hardening OS X, iOS at Apple

Noted security researcher Kristin Paget—known for her work that helped to beef up the security of Windows Vista—is now working at Apple as a Core OS Security Researcher. Paget confirmed to Wired that she has been working at Apple since September but couldn't divulge any specific details of her work.

Paget has a long history of finding and plugging security holes in all manner of hardware and software. Perhaps most famously, she was part of a group of hackers hired by Microsoft to "lock down" the upcoming Windows Vista operating system in 2006. Microsoft had apparently expected Vista to be fairly secure at that point in its development cycle, but Paget and her cohorts found so many holes that Microsoft ended up delaying its release.

"We prevented a lot of bugs from shipping on Vista," Paget said during a talk at Black Hat last year, after the NDA she signed with Microsoft had expired. "I'm proud of the number of bugs we found and helped get fixed."

In 2009, Paget (then named Chris) unveiled a custom-built mobile platform that captured the unique electronic identifiers used in US passport cards and next-generation drivers licenses. During a 20-minute demonstration with Dan Goodin (before he became IT Security Editor at Ars), Paget's $250 proof-of-concept device was able to surreptitiously copy RFID tags of two passport cards as she drove through downtown San Francisco. The identifiers could then be cloned and loaded onto separate cards.

Paget also has experience intercepting cell phone calls using flaws in the GSM protocol, and has described herself as a "total UNIX head." Those are qualities we expect should be beneficial if put toward locking down OS X and iOS, both built on the same UNIX-based core.

Congratulations to Kristin. Hopefully this means OS X will be super secure and nobody will read my FireflyArrested Development crossover slash fiction until I am ready to publish it.

I was right! I just knew there was a link between The Blooth Corporation and Blue Sun Corporation (i.e. Blooth Son Corporation). I'm sure this fan fict story will make the link very clear. Well done ebbv!

Jeez, the Wannabe Political Correctness Force is really at it again here.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

Nothing bad, "dismal" or despicable about it. Seriously, P.C. needs to die in a fire.

Jeez, the Wannabe Political Correctness Force is really at it again here.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

Nothing bad, "dismal" or despicable about it. Seriously, P.C. needs to die in a fire.

really, it hardly strikes me as an appropriate moment to champion women in IT. transsexualism in the workplace has its own set of issues.

I was trying to be genuine. I'm sorry if I offended anyone. I read the first line of the article (as referenced below) and thought it was great a female is making the news. And before anyone asks I did read the rest of the article. Where I work there are next to no females in IT... anyway, moving right along...

Quote:

Noted security researcher Kristin Paget—known for her work that helped to beef up the security of Windows Vista—is now working at Apple as a Core OS Security Researcher.

Jeez, the Wannabe Political Correctness Force is really at it again here.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

Nothing bad, "dismal" or despicable about it. Seriously, P.C. needs to die in a fire.

really, it hardly strikes me as an appropriate moment to champion women in IT. transsexualism in the workplace has its own set of issues.

English isn't my first language, but this article is confusing. At first I thought she got married and changed her surname from Chris to Paget. Then I read comments...

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

This is soooo over your head. Here's a hint... according to the article, Kristin Paget was known as Chris Paget back in 2009.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

This is soooo over your head. Here's a hint... according to the article, Kristin Paget was known as Chris Paget back in 2009.

Quote:

In 2009, Paget (then named Chris)...

This sounds more like a surname change. Repalce Paget with Kristin and it will be clear, otherwise it isn't.

myself, i would have just launched it off with, "Noted security researcher Kristin (formerly Chris) Paget..." and then just not trifled with it anymore. introducing the "formerly chris" part in the next to last paragraph disrupts the flow. 'tis how we wound up in this mess.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

This is soooo over your head. Here's a hint... according to the article, Kristin Paget was known as Chris Paget back in 2009.

Heh heh, I *really* didn´t get that whole Kristen/Chris thingie, so yeah..... I missed a certain point here *cough*. Obviously, Kristen went down the transgender route .... good for her (I hope).

I still stick to what I said, though, regarding Brigga´s comment and women in IT. That doesn´t change because ... well... Kristen has changed.

After having cleaned and nuking and paving hundreds of Vista systems, I can't say I'm impressed with the work it (He/She/Whatever) did.

And now it works at Apple? So much for that OS not getting viruses...

I'm going to be charitable and offer a hint. While there are possibly a few, very few, people who wish to be referred to as "it", I can almost guarantee that group does not include very many transgender people. "She", not "it", not "he".

Jeez, the Wannabe Political Correctness Force is really at it again here.

From all I can tell, Brigga was sincere with his statement -- women are fairly under-represented in the IT field at least when it comes to technical jobs like programming etc., and at least whre I live, politicians try to encourage women to get an education and a job in IT. Same with other technical engineering jobs.

Nothing bad, "dismal" or despicable about it. Seriously, P.C. needs to die in a fire.

You can take a horse to water, but you can't force it to drink.

It seems to me that most of the media seems to be ignoring the idea that maybe just maybe women aren't that interested in the IT field.

Just as men don't typically seem to be that interested in the Nursing field.

Glad to see Apple hiring some serious security folks. OS X may be fairly resilient to attack (depending on who you ask) but like any software it isn't perfect and definitely has weaknesses.

However, she probably had more influence to secure things being a Microsoft employee than an Apple employee just out of sheer volume of Windows machines out there. Fixing a security bug in a Windows build before shipping probably did more good than fixing a bug in a OS X build after shipping.

It seems to me that most of the media seems to be ignoring the idea that maybe just maybe women aren't that interested in the IT field.

Just as men don't typically seem to be that interested in the Nursing field.

Edit: Yes I know Kristin's back story.

That's an old and increasingly inaccurate stereotype about men and Nursing. One of my really good friends who is a guy went into nursing and now is in CRNA school. My mom was very ill this summer and at least 2-3 of her nurses were (very dedicated) male nurses.

Nursing is a great field for men to go into - their strength is needed in a lot of situations (turning over patients to prevent bedsores, etc.,) and if they are good, they can pretty much command where they work and get the best shifts since there is such a shortage of nurses in general.

Why are you covering for Chris Foresman? It's HIS WRITING that was confusing.

"In 2009, Paget (then named Chris)" is misleading. She could've easily have been Kristin Chris. There's an actor Darren Criss, there's a Governor Chris Christie, why would it be a stretch for a 'she' to have gotten married since 2009 and changed her surname to a married one?

The confusion among those not familiar with the Paget is not the reader's fault; this is on a sloppy writer.

It seems to me that most of the media seems to be ignoring the idea that maybe just maybe women aren't that interested in the IT field.

Just as men don't typically seem to be that interested in the Nursing field.

Edit: Yes I know Kristin's back story.

That's an old and increasingly inaccurate stereotype about men and Nursing. One of my really good friends who is a guy went into nursing and now is in CRNA school. My mom was very ill this summer and at least 2-3 of her nurses were (very dedicated) male nurses.

Nursing is a great field for men to go into - their strength is needed in a lot of situations (turning over patients to prevent bedsores, etc.,) and if they are good, they can pretty much command where they work and get the best shifts since there is such a shortage of nurses in general.

Oh I agree. I am a male nursing student currently.

It just largely remains female dominated. All of my classes are largely female dominated. My CNA class for example had 30 people and only 3 males total including me.